{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "* CVE-2015-8619: Fix sendkey out of bounds (bz #1292757)\n* CVE-2016-1981: infinite loop in e1000 (bz #1299995)\n* Fix Out-of-bounds read in usb-ehci (bz #1300234, bz #1299455)\n* CVE-2016-2197: ahci: null pointer dereference (bz #1302952)\n* Fix gdbstub for VSX registers for ppc64 (bz #1304377)\n* Fix qemu-img vmdk images to work with VMware (bz #1299185)", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2016-02-16 14:13:37", "date_modified": null, "date_approved": null, "date_testing": "2016-02-17 04:35:05", "date_stable": "2016-02-21 16:23:38", "alias": "FEDORA-2016-b49aaf2c56", "test_gating_status": null, "from_tag": null, "date_pushed": "2016-02-21 16:23:38", "meets_testing_requirements": false, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2016-b49aaf2c56", "title": "qemu-2.4.1-7.fc23", "version_hash": "699d7fe0f890e46b8f3125ca4e07dac7d75f997a", "release": {"name": "F23", "long_name": "Fedora 23", "version": "23", "id_prefix": "FEDORA", "branch": "f23", "dist_tag": "f23", "stable_tag": "f23-updates", "testing_tag": "f23-updates-testing", "candidate_tag": "f23-updates-candidate", "pending_signing_tag": "f23-signing-pending", "pending_testing_tag": "f23-updates-testing-pending", "pending_stable_tag": "f23-updates-pending", "override_tag": "f23-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "crobinso", "email": "crobinso@redhat.com", "id": 400, "avatar": "https://seccdn.libravatar.org/avatar/4340cf6494ecc1cee077e78c982aaa258e8ca64ea8e9dc9ff84c26ce8a43f8b1?s=24&d=retro", "openid": "crobinso.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "virtmaint-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "hosted-content"}, {"name": "kubevirt"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by crobinso. ", "timestamp": "2016-02-16 14:13:37", "update_id": 50938, "user_id": 91, "id": 389745, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2016-02-17 06:30:13", "update_id": 50938, "user_id": 91, "id": 390137, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-17 20:11:02", "update_id": 50938, "user_id": 536, "id": 390452, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "mhayden", "email": "mhayden@redhat.com", "id": 536, "avatar": "https://seccdn.libravatar.org/avatar/9f9c7ca41ea68469600931af4193d0dc1dcb47d3cdbd481fa39fbaae417f4f2f?s=24&d=retro", "openid": "mhayden.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitfedora-security-team"}, {"name": "aws-fedora-ci"}, {"name": "cloud-sig"}, {"name": "rhel-lightspeed"}]}}, {"karma": 1, "karma_critpath": 0, "text": "works for me with fedora and centos guests", "timestamp": "2016-02-17 20:32:48", "update_id": 50938, "user_id": 739, "id": 390487, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cserpentis", "email": "cserpentis@gmail.com", "id": 739, "avatar": "https://seccdn.libravatar.org/avatar/a3febfef42f58ed535f3c3a3cf9743653cd774dbb6e4554e2ce7c847d9802b6c?s=24&d=retro", "openid": "cserpentis.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2016-02-17 22:30:04", "update_id": 50938, "user_id": 91, "id": 390531, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "no regressions noted", "timestamp": "2016-02-17 22:30:05", "update_id": 50938, "user_id": 124, "id": 390532, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "filiperosset", "email": "rosset.filipe@gmail.com", "id": 124, "avatar": "https://seccdn.libravatar.org/avatar/f4394b8fb4c9a99c4b534dc724912fe75a5b87fe15048985ece8388c2441d0ca?s=24&d=retro", "openid": "filiperosset.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "fedora-br"}, {"name": "trust admins"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "bug_feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1300234, "bug": {"bug_id": 1300234, "title": "qemu: Out-of-bounds read in usb-echi [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 391324, "bug_id": 1299455, "bug": {"bug_id": 1299455, "title": "Qemu: usb ehci out-of-bounds read in ehci_process_itd", "security": true, "parent": true}}, {"karma": 0, "comment_id": 391324, "bug_id": 1304377, "bug": {"bug_id": 1304377, "title": "Fedora - QEMU gdbserver cannot access VSX registers", "security": false, "parent": false}}, {"karma": 0, "comment_id": 391324, "bug_id": 1292757, "bug": {"bug_id": 1292757, "title": "CVE-2015-8619 qemu: Stack-based buffer overflow in hmp_sendkey() [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 391324, "bug_id": 1299995, "bug": {"bug_id": 1299995, "title": "CVE-2016-1981 qemu: qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 391324, "bug_id": 1302952, "bug": {"bug_id": 1302952, "title": "CVE-2016-2197 qemu: Null pointer dereference in ahci [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 391324, "bug_id": 1283926, "bug": {"bug_id": 1283926, "title": "CVE-2015-8619 Qemu: hmp: stack based OOB write in hmp_sendkey routine", "security": true, "parent": true}}, {"karma": 0, "comment_id": 391324, "bug_id": 1298570, "bug": {"bug_id": 1298570, "title": "CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines", "security": true, "parent": true}}, {"karma": 0, "comment_id": 391324, "bug_id": 1302057, "bug": {"bug_id": 1302057, "title": "CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines", "security": true, "parent": true}}], "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2016-02-21 16:32:15", "update_id": 50938, "user_id": 91, "id": 391567, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "qemu-2.4.1-7.fc23", "signed": true, "release_id": 11, "type": "rpm", "epoch": 2}], "bugs": [{"bug_id": 1283926, "title": "CVE-2015-8619 Qemu: hmp: stack based OOB write in hmp_sendkey routine", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1283926, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1292757, "title": "CVE-2015-8619 qemu: Stack-based buffer overflow in hmp_sendkey() [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1292757, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1298570, "title": "CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1298570, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1299455, "title": "Qemu: usb ehci out-of-bounds read in ehci_process_itd", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1299455, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1299995, "title": "CVE-2016-1981 qemu: qemu-kvm: Infinite loop and out-of-bounds transfer start in start_xmit() and e1000_receive_iov() [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1299995, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1300234, "title": "qemu: Out-of-bounds read in usb-echi [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1300234, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1302057, "title": "CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1302057, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1302952, "title": "CVE-2016-2197 qemu: Null pointer dereference in ahci [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1302952, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1304377, "title": "Fedora - QEMU gdbserver cannot access VSX registers", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 391324, "bug_id": 1304377, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me.", "timestamp": "2016-02-20 23:18:40", "update_id": 50938, "user_id": 435, "id": 391324, "testcase_feedback": [], "user": {"name": "dfateyev", "email": "denis@fateyev.com", "id": 435, "avatar": "https://seccdn.libravatar.org/avatar/32aa9682b20e7044516bb2fb2ac9395ef81429d5451cd25da3f13cb806ced74b?s=24&d=retro", "openid": "dfateyev.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "go-sig"}, {"name": "trust admins"}]}}}]}], "updateid": "FEDORA-2016-b49aaf2c56", "karma": 4, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}